Home Exams Contribute Leaderboard

Home Exams Contribute Leaderboard Login

Loading provider exams...

© 2026 ZAROS. All Rights Reserved.

info@examcademy.com

Features

About Contribute Questions Leaderboard

Community

Legal

Privacy Policy Terms of Service Legal Notice DMCA

ExamCademy is not affiliated with or endorsed by any certification providers. All trademarks are the property of their respective owners.

/

/

CIS-EM Practice Exam — 125 Free ServiceNow Questions

Join Us Among the Stars

Sign Up & unlock 100% of Exam Questions

Log in / Sign up

No Strings Attached!

Exams
ServiceNow
CIS-EM

CIS-EMPreview

By ServiceNow

Updated

25Q per page

About the CIS-EM Exam

125Practice Questions

3Study Modes

Free

Mode Selection

Choose how you want to study this exam. About study modes →

Topic

Sort

Question 1

Event Management Architecture and Discovery Concepts

Ask AstroTutor

The individual commands that the Agent Client Collector executes on the host are known as what? (Choose three.)

A Events
B Checks
C Parameters
D Policies
E Metrics
F Scripts

0

Question 2

Event Management Overview

0

Question 3

Event Configurations

0

Question 4

Event Management Overview

0

Question 6

Event Configurations

0

Page 1 of 5 • Questions 1-25 of 125

Know a question that should be here? Contribute to this exam

What is Event Management licensing based on?

A The number of unique nodes that can send events to the instance
B The number of connectors and listeners it will collect data from
C The number of connectors it will collect data from
D The number of CIs in the CMDB that it will be monitoring

The additional information field is a JSON string that gives more information about an event. An example of a supported JSON string is:

A {"CPU":100}
B {"CPU":100,’Status":3}
C {"CPU":"100","Status":3}
D {"CPU":"100"}

The Event Management operator workspace can display all of the following except?

A Alert groups
B Manual application services
C Discovered application services from Service Mapping
D Correlation groups
E Technical services

What would be the primary use case for creating Javascripts in Event Management?

A To create a customized pull connector to retrieve events on behalf of an event source
B To automatically populate the Configuration Management Database (CMDB)
C To parse a nodename out of your raw event data in an event rule
D To run as part of a remediation workflow for IT alerts that fail to execute

Question 7

Event Management Architecture and Discovery Concepts

0

Question 8

Alert Configurations

Question 9

Event Management Architecture and Discovery Concepts

Question 10

Event Configurations

Question 11

Event Management Architecture and Discovery Concepts

Question 12

Alert Configurations

Question 13

Event Management Architecture and Discovery Concepts

Question 14

Event Management Architecture and Discovery Concepts

Question 15

Alert Configurations

Question 16

Event Configurations

Question 17

Event Management Connectors

Question 18

Event Configurations

Question 19

Alert Configurations

Question 20

Event Configurations

Question 21

Event Management Connectors

Question 22

Event Configurations

Question 23

Alert Configurations

Question 24

Event Management Overview

Question 25

Alert Configurations

Question 26

Alert Configurations

Ask AstroTutor

0

Ask AstroTutor

0

Ask AstroTutor

0

Ask AstroTutor

0

Ask AstroTutor

0

Ask AstroTutor

0

Ask AstroTutor

0

Ad

Want a break from the ads?

Become a Supporter and enjoy a completely ad-free experience, plus unlock Learn Mode, Exam Mode, AstroTutor AI, and more.

Ask AstroTutor

0

Ask AstroTutor

0

Ask AstroTutor

0

Ask AstroTutor

0

Ask AstroTutor

0

Ask AstroTutor

0

Ask AstroTutor

0

Ask AstroTutor

0

Ask AstroTutor

0

Ask AstroTutor

0

Ask AstroTutor

0

Ask AstroTutor

0

You have a very large networking environment and have noticed that your event notifications are either not being triggered or are delayed.
What are best options to try to resolve this issue? (Choose two.)

A Ensure all Event Management – process events jobs are set to a Ready state
B Verify that the Bucket field in the event table is set to zero (0)
C Add additional event processor jobs
D Ensure multi-node event processing is disabled

When are anomaly alerts generated by Operational Intelligence displayed in alert intelligence?

A When the statistical model threshold is breached
B When they are promoted to IT alerts
C When it is manually promoted in insights explorer
D When the anomaly score is greater than 100

A Service is not viewable in Operator Workspace. What could be the issue?

A The service is a manual service
B The service is not set to operational
C The service was created through Service Mapping
D The service is a technical service

You have an event with a Source of ‘Trap from Enterprise 111’, but the alert created for this event shows a Source of ‘Oracle EM’. If you want to change what this is set to, where in the event rule would you do this?

A Transform and Compose Alert Output lab
B Event rule info tab
C CI Binding tab
D Event Filter tab

What makes all ServiceNow metrics, tasks, services, configuration items, assets, people, locations, and information a single system of record for IT and business processes?

A ServiceNow is installed within your datacenter providing you complete control
B All applications are built on the Oracle database standard, providing uniformity across products
C All applications that are built by ServiceNow utilize the same data model and code base
D ServiceNow runs on supported Windows servers and is managed through Windows Update
E A single table houses all data elements within ServiceNow
F ServiceNow utilizes the AWS MariaDB cloud database structure, providing a single system of record

When creating an alert management rule, where would you specify a workflow to resolve a given condition?

A From the Remediation tab
B From the Actions tab
C From the Launcher tab
D In the Related Links section

What types of system can a MID Server install on? (Choose two.)

A OpenVMS System
B Microsoft Windows Server
C Linux System
D Microsoft Windows Desktop
E Any system inside the customer firewall
F Mac OS X System

What would you use to define the monitoring sources allowed to communicate with the ServiceNow instance for Operational Intelligence?

A Metric Registration
B Metric Config Rules
C Metric Type Actions
D Metric to CI

The value of the Alert Priority score is a composite of what?

A The value of the alert’s category and its relative weight
B The value of the alert’s category and its Priority Group
C The value of the alert’s Severity and its Priority Group
D The value of the alert’s Severity and its relative weight

Which attribute is responsible for de-duplication?

A Metric_name
B Message_key
C Short_description
D Additional_info

What is the default collection/polling interval applied to all event connectors?

A Every 120 seconds
B Every 5 seconds
C Every 40 seconds
D Every 60 seconds
E Every 10 seconds

What feature would you use to trigger a workflow or automatically generate tasks via templates?

A Event rules
B Task rules
C Alert management rules
D Alert correlation rules

What are the valid states an alert can be in during its lifecycle?

A Open, Reopen, Flapping, Closed
B New, Updating, Waiting, Complete
C Open, Updating, Swinging, Closed
D Open, Warning, Flapping, Clear

What Event Management module allows for configuration of automatic task creation?

A Alert management rules
B Task rules
C Event rules
D Alert correlation rules

You have a system configured with a MID Web Server using Basic authentication to enable Operational Management Intelligence (OI) to push raw metric data to the MID Server. No data is getting through to the MID Server.
What is the most likely cause of the issue?

A The MID Web Server needs to be Restarted
B The MID Web Server needs to be Started
C An invalid secret key is being passed in the header information of the URL for the REST request
D An invalid password is set in the MID Web Server Context

In the event table, which field maps the external attributes from the target system?

A Resource
B Description
C Source
D Additional Information

By default, the Alert Console displays what type of alerts?

A All Primary, Open alerts and anomaly alerts with a Severity of Critical, Major, Minor, and Warning that are not in Maintenance mode
B All Primary and Secondary Open alerts and anomaly alerts with a Severity of Critical, Major, Minor, and Warning that are not in Maintenance mode
C All Primary alerts with a Severity of Critical, Major, Minor, Warning that are not in Maintenance mode
D All Primary, Open alerts with a Severity of Critical, Major, Minor, and Warning that are not in Maintenance mode
E All Primary and Secondary Open alerts with a Severity of Critical, Major, Minor, and Warning that are not in Maintenance mode

Which are recommended best practices for Event Management? (Choose three.)

A Filter out events on ServiceNow Instance for easier consolidation and aggregation.
B Promote all events to alerts during initial implementation until you fully understand which should be ignored.
C Filter out events at source rather than in the ServiceNow instance.
D Base-line “normal-state” events to filter out background noise.
E Ignore all non-critical events during initial implementation to streamline processing; add alerts over time as time and resources allow.

For an incoming event with a matching message key, what allows an existing alert to be automatically closed?

A In the event rule, set the Severity to 0
B In the alert rule, set the Severity to 0
C In the alert rule, set the Severity to -1
D In the event rule, set the Severity to -1

A support agent resolves an incident associated with an alert, but the alert does automatically close even though the evt_mgmt.incident_closes_alert property is set appropriately to close the alert.
What is the most likely cause of this issue?

A The support agent does not have the evt_mgmt_user role.
B The support agent only has the evt_mgmt_admin role.
C The support agent has the evt_mgmt_operator role, but not the evt_mgmt_user role.
D The support agent has the evt_mgmt_user role, but not the evt_mgmt_operator role.